US10642968B2 - Controlling a device - Google Patents

Abstract

In accordance with an example aspect of the present invention, there is provided an apparatus comprising at least one receiver configured to receive, via a first channel, a secret value and an identifier of a local node and, via a second channel, a random value, and at least one processing core configured to cause transmission to the local node of a first message comprising a hash value, the hash value being derived based on a set comprising the secret value, the random value, and an instruction.

Description

RELATED APPLICATION

This application was originally filed as Patent Cooperation Treaty Application No. PCT/FI2014/050724 filed Sep. 24, 2014.

FIELD OF INVENTION

The present invention relates to the field of signalling between electrically operated devices, to control them.

BACKGROUND OF INVENTION

Interacting with distributed systems may take place in a variety of ways. In an Ethernet network, for example, devices are interconnected by the network and accessible to each other in a straightforward way. In the Internet, in contrast, messaging between devices may take place using internet protocol, IP, addressing and domain names. For example, a node may inquire for an IP address of a desired correspondent node based on a known domain name. Such an inquiry may be addressed to the domain name system, DNS. By updating to DNS, even changing IP addresses can be handled without interrupting connectivity.

Sensor networks may comprise sensor nodes interconnected with each other. Sensor nodes may be configured to communicate with each other and to provide sensor information to further nodes not comprised in the sensor network. To this end, a sensor network may have an internal addressing system distinct from an external IP network. At least one node in the sensor network may be either addressable from outside the sensor network, or be configured to provide information to a node external to the sensor network.

In the Internet of Things, IoT, scheme it is envisioned that a large number of identifiable devices, or nodes, can be communicated with based on an addressing scheme that may depend on the situation and application in question. To enable the large number of identifiable devices being connected to the IoT, addressing in accordance with internet protocol version 6, IPv6, is envisioned instead of the more limited IPv4 as IP addresses might otherwise run out. On the other hand, using network address translation, NAT, IPv4 addressing may be extended and the scarcity of IPv4 addresses alleviated, with an impact on usability that may vary depending on what kind of communication is desired.

Some IoT nodes are foreseen to have limitations in hardware and energy resources. For example, such nodes may be furnished with only limited memory capacity, they may operate on small batteries and/or they may have only modest processor capability. To enable their use in networking, protocols such as the constrained application protocol, CoAP, have been designed. CoAP has been standardized by the Internet Engineering Task Force.

SUMMARY OF THE INVENTION

In accordance with a first aspect of the present invention, there is provided an apparatus comprising at least one receiver configured to receive, via a first channel, a secret value and an identifier of a local node and, via a second channel, a random value, and at least one processing core configured to cause transmission to the local node of a first message comprising a hash value, the hash value being derived based on a set comprising the secret value, the random value, and an instruction.

Various embodiments of the first aspect may comprise at least one feature from the following bulleted list:

the at least one processing core is configured to derive the hash value

the at least one receiver is further configured to receive, over the first channel, a pin code, and to derive the hash value based further on the pin code

the first channel comprises a Bluetooth channel, a Bluetooth low-energy channel, a near field communication channel, an infra-red channel or a visual pattern recognition channel

the second channel comprises a websocket channel, a hypertext transport protocol channel, a constrained application protocol channel, extensible messaging and presence protocol, message queue telemetry transport, alljoyn or hypertext transport protocol channel 2.0 channel

the at least one processing core is configured to cause the first message to be transmitted via the second channel

the at least one processing core is further configured to cause transmission of a second message to the local node, the second message comprising a second hash value, the second hash value being derived based on a set comprising the secret value, a second random value, and a second instruction, the second random value being received in the apparatus from the local node at least in part as a response to the first message

the at least one receiver is further configured to receive, via the first channel, an identifier of a network node and the at least one processing core is configured to request, from the network node, control software configured to cause controlling of the local node, wherein the request comprises the identifier of the local node

the identifier of the local node comprises an internet protocol address of the local node, a fully qualified domain name of the local node or a pointer to a websocket proxy

the at least one processing core is configured to process, in the apparatus, an indication concerning whether it is necessary to include the instruction in the message.

In accordance with a second aspect of the present invention, there is provided an apparatus comprising at least one processing core and at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to store a secret value associated with the apparatus, transmit to a node a random value, receive a message from the node, the message comprising a first hash value, verify the hash value by deriving a comparative hash value based on a set comprising the secret value, an instruction, and the random value, responsive to the comparative hash value matching the first hash value, cause the apparatus to act on the instruction, and transmit to the node a second random value.

Various embodiments of the second aspect may comprise at least one feature from the following bulleted list:

the message comprises, in addition to the first hash value, the instruction

the at least one memory and the computer program code are configured to, with the at least one processing core, cause the apparatus to provide the secret value to the node over a first channel, and to receive the message from the node over a second channel

the at least one memory and the computer program code are configured to, with the at least one processing core, cause the apparatus to derive the comparative hash value based at least in part on a pin code provided to the node from the apparatus via the first channel

the at least one memory and the computer program code are configured to, with the at least one processing core, cause the apparatus to periodically change the secret value

the at least one memory and the computer program code are configured to, with the at least one processing core, cause the apparatus to derive, after transmitting the random value to the node, at least two comparative hash values using at least two possible values for the instruction

the at least one memory and the computer program code are configured to, with the at least one processing core, cause the apparatus to transmit to the node a second random value responsive to receipt of the message.

In accordance with a third aspect of the present invention, there is provided a method comprising receiving, via a first channel, a secret value and an identifier of a local node and, via a second channel, a random value, and causing transmission to the local node of a first message comprising a hash value, the hash value being derived based on a set comprising the secret value, the random value, and an instruction.

Various embodiments of the third aspect may comprise at least one feature corresponding to a feature from the preceding bulleted list laid out in connection with the first aspect.

In accordance with a fourth aspect of the present invention, there is provided a method, comprising storing a secret value associated with an apparatus, transmitting to a node a random value, receiving a message from the node, the message comprising a first hash value, verifying the first hash value by deriving a comparative hash value based on a set comprising the secret value, an instruction, and the random value, responsive to the comparative hash value matching the first hash value, causing the apparatus to act on the instruction, and transmitting to the node a second random value.

Various embodiments of the fourth aspect may comprise at least one feature corresponding to a feature from the preceding bulleted list laid out in connection with the second aspect.

In accordance with a fifth aspect of the present invention, there is provided an apparatus comprising means for receiving, via a first channel, a secret value and an identifier of a local node and, via a second channel, a random value, and means for causing transmission to the local node of a first message comprising a hash value, the hash value being derived based on a set comprising the secret value, the random value, and an instruction.

In accordance with a sixth aspect of the present invention, there is provided an apparatus, comprising means for storing a secret value associated with the apparatus, means for transmitting to a node a random value, means for receiving a message from the node, the message comprising a first hash value, means for verifying the hash value by deriving a comparative hash value based on a set comprising the secret value, an instruction, and the random value, means for causing the apparatus to act on the instruction responsive to the comparative hash value matching the first hash value, and means for transmitting to the node a second random value.

In accordance with a seventh aspect of the present invention, there is provided a non-transitory computer readable medium having stored thereon a set of computer readable instructions that, when executed by at least one processor, cause an apparatus to at least receive, via a first channel, a secret value and an identifier of a local node and, via a second channel, a random value, and cause transmission to the local node of a first message comprising a hash value, the hash value being derived based on a set comprising the secret value, the random value, and an instruction.

In accordance with an eighth aspect of the present invention, there is provided a non-transitory computer readable medium having stored thereon a set of computer readable instructions that, when executed by at least one processor, cause an apparatus to at least store a secret value associated with the apparatus, transmit to a node a random value, receive a message from the node, the message comprising a first hash value, verify the hash value by deriving a comparative hash value based on a set comprising the secret value, an instruction, and the random value, responsive to the comparative hash value matching the first hash value, cause the apparatus to act on the instruction, and transmit to the node a second random value.

INDUSTRIAL APPLICABILITY

At least some embodiments of the present invention find industrial application in secured control of local devices.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates an example system capable of supporting at least some embodiments of the present invention;

FIG. 2 illustrates an example use case in accordance with at least some embodiments of the present invention;

FIG. 3 illustrates an example apparatus capable of supporting at least some embodiments of the present invention;

FIG. 4 illustrates signalling in accordance with at least some embodiments of the present invention;

FIG. 5 is a first flow chart of a first method in accordance with at least some embodiments of the present invention, and

FIG. 6 is a second flow chart of a second method in accordance with at least some embodiments of the present invention.

DETAILED DESCRIPTION OF EXAMPLE EMBODIMENTS

A node may be built with low memory and/or processing requirements using embodiments of the invention described herein. By providing a secret value over a first channel to be used over communications over a second channel, access may be restricted to units having physical access to the node. A distinct random value may be employed for each message to prevent replay attacks. Instructions may be hashed together with the secret and random values to enable the node to verify them in a resource-efficient way, so that a cryptographic communication protocol such as transport layer security, TLS, needn't be implemented, for example.

FIG. 1 illustrates an example system capable of supporting at least some embodiments of the present invention. The system ofFIG. 1 comprisesdevice110, which may comprise a smartphone, cellular phone, tablet device, phablet device, laptop or desktop computer, or other suitable electronic device, for example.Device110 may comprise a user interface, which may comprise a touchscreen user interface or a keypad plus display user interface, for example.

Local node120 may comprise, for example, a sensor, a light control, a home automation control device or other suitable electronic device.Local node120 is in the example ofFIG. 1 connected togateway170 viaconnection127.Connection127 may comprise a wire-line connection or at least in part a wireless connection.Gateway170 is connected to network160 viaconnection176.Network160 may comprise the Internet or another suitable network, such as for example a corporate network. In some embodiments,local node120 is directly connected to network160 viaconnection127, andgateway170 is absent.

In the system ofFIG. 1,device110 is communicatively coupled tobase station130 vialink113.Base station130 may be configured to operate in accordance with at least one wireless technology, such as wideband code division multiple access, WCDMA, long term evolution, LTE, IS-95 or wireless local area network WLAN, which is also known as Wi-Fi.Link113 conforms to a technology thatbase station130 anddevice110 are configured to support.Link113 may be two-way in that it may comprise a downlink for transferring information frombase station130 todevice110, and an uplink for transferring information fromdevice110 tobase station130. Incase base station130 only supports WLAN and not a cellular technology such as WCDMA or IS-95, it may alternatively be known as an access point but in the present document, the term base station is used throughout for clarity. In some embodiments, instead of a wireless link, link113 comprises a wire-line link with a communication node that is communicatively coupled withnetwork160.

In the system ofFIG. 1,base station130 is communicatively coupled, viaconnection134, to networknode140.Network node140 may comprise a radio network controller, switch or other network node.Network node140 is communicatively coupled, viaconnection145, togateway150.Gateway150 in turn is connected to network160 viaconnection156. Each ofconnections134,145 and156 may be wire-line or at least in part wireless. Not all ofconnections134,145 and156 need to be of the same type. In some embodiments,network node140 and/orgateway150 are absent, leavingbase station130 in more direct contact withnetwork160.

In addition to link113 withbase station130,device110 is enabled to receive information fromlocal node120 vialocal link112.Local link112 may comprise a near-field communication, NFC, Bluetooth, Bluetooth LE or optical link, for example. An optical link may comprise an infrared link, or an optical link may comprise thatdevice110 uses a camera comprised indevice110 to algorithmically recognize information thatlocal node120 displays, either permanently printed thereon on displayed on adisplay122 comprised inlocal node120.Display122 may be a monochrome liquid-crystal display or an organic light emitting diode, OLED, display, for example. In general,local link112 enablesdevice110 to obtain information fromlocal node120 whendevice110 is physically nearlocal node120. Near may comprise within a radius of 5 or 10 meters, for example.Display122 is absent in some embodiments.

In general it may be considered thatlocal link112 comprises a first channel and link113 comprises a second channel. The first channel is therefore a local-range channel. The first and second channels may be based on different technologies.Device110 is capable of receiving information fromlocal node120 via both channels, in the case oflocal link112 directly and in the case oflink113 viagateway170,network160,gateway150,network node140 andbase station130. In some embodiments,local link112, comprising the first channel, is two-way whereas in other embodiments it is one-way in the sense thatdevice110 can receive information over it, but not transmit information over it tolocal node120.

In use,device110 may be configured to obtain information fromlocal node120 overlocal link112. Such information may comprise, for example, a secret value. The secret value may be expressed in binary, hexadecimal or decimal format, for example. The information may further comprise an identifier oflocal node120. The information may further comprise a pin code. The information may further comprise an identifier of a network node. An identifier may comprise a uniform resource locator, URL, or uniform resource identifier, URI, for example. The network node the identifier of the network node relates to may comprisenetwork node140 or another network node, such as for example a server. Likewise the identifier oflocal node120 may comprise, for example, a URL or URI oflocal node120.

Device110 may fetch from the network node identified by the identifier of the network node control software configured to control, at least in part,local node120.Device110 may fetch this software by requesting, overlink113, the software from the identified network node. Such a request may comprise, or be at least in part based on, the identifier of the network node obtained indevice110 fromlocal node120. Such a request may comprise the identifier oflocal node120.Device110 may responsively receive the control software. The control software may comprise, for example, a control panel. The control software may comprise, for example, JavaScript software. The fetching and obtaining of the control software may be based on secure hypertext transfer protocol, HTTPS, for example. In embodiments wheredevice110 has software needed to control, at least in part,local node120 the fetching of the control software may be absent, or may comprise only updating the control software to a newer version. In some embodiments,device110 does not need specific control software to control, at least in part,local node120 so fetching such software is not done.

Device110 is configured to open a connection tolocal node120. The connection may traversebase station130,network node140,gateway150,network160 andgateway170, for example. In general the connection may be opened over the second channel. The connection may comprise a maintained state in at least one node enabling delivery of messages betweendevice110 andlocal node120. The connection may comprise a Websocket, CoAP or hypertext transfer protocol, HTTP, connection, for example. The connection may be a non-cryptographic connection in that data communicated over the connection is not encrypted by the connection protocol.

Websocket connections may be run with limited resources, making it a useful option wherelocal node120 is resource-constrained. The set-up of the connection comprises exchange of at least one message betweendevice110 andlocal node120. The

Websocket protocol has been standardized in the internet engineering task force, IETF.Local node120 may transmit, for example in a message comprised in the connection set-up process on in another message, to device110 a random valuelocal node120 has generated.Local node120 may store a copy of the random value in a memory comprised inlocal node120. The random value may be expressed in binary, hexadecimal or decimal format, for example.Local node120 may use a software-based random number generator, orlocal node120 may at least in part use a hardware-based random value generation process. An example of a hardware element usable for generating random values is a thermal noise random number generator.

Being in receipt of the random value and the secret value,device110 may transmit an instruction tolocal node120. The instruction may be comprised in a first message transmitted fromdevice110 tolocal node120, for example. The instruction may comprise, for example, an instruction to turn off air conditioning in caselocal node120 is a home automation control device. Another example is an instruction to provide to device110 a measurement of atmospheric pressure in caselocal node120 is a sensor node equipped with a barometer.

Device110 may be configured to compute a hash, such as for example a rolling hash or a secure hash, of a set of data that comprises the secret value, the random value and the instruction. In general, the hash function used can be a cryptographic hash function. Wheredevice110 obtained a pin code over the first channel, the pin code may be included in the input to the hash function as well.Device110 may provide the output of the hash function, known simply as the hash value or the hash, tolocal node120 in a message. The message may further comprise the instruction separately from the hash.

Once in receipt of the message,local node120 may verify the hash is correct by deriving a hash of the secret value, the random value, the instruction and in case a pin code is used, the pin code. In case the derived hash is the same as the hash received in the message, the hash is correctly verified. In case the hashes fail to match,local node120 may be configured to discard the message, and/or provide over the connection an error signal todevice110.

In some embodiments the message comprising the hash fromdevice110 tolocal node120 needn't separately comprise the instruction. In these embodiments, the number of possible instructions is limited, andlocal node120 may pre-calculate, after sending the random value todevice110, hashes of the secret value, the random value and each of the possible instructions. In embodiments where a pin code is used, the pin code is also used in pre-calculating the hashes. These pre-calculated hashes may be stored in memory oflocal node120, andlocal node120 may verify the hash it receives fromdevice110 by comparing it with the pre-calculated hashes until a match is found, in which case the received hash is thereby verified and the instruction may be acted on, sincelocal node120 will know which instruction was used in deriving the hash that matches the one received fromdevice110. In case the received hash matches none of the stored, pre-calculated hashes, verification fails andlocal node120 may discard the message, and/or provide over the connection an error signal todevice110. Using pre-calculated hashes reduces latency as the hash needn't be derived only after receipt of the message fromdevice110. Pre-calculating may be done after transmission of the random value towarddevice110, for example responsive to transmission of the random value towarddevice110.

In some embodiments,local node120 is configured to begin pre-calculating hashes after transmitting the random value todevice110, but may continue deriving hashes with possible instructions after receiving a message fromdevice110 comprising a hash. This may be the case, for example, wherelocal node120 doesn't have the time to completely pre-calculate the hashes by thetime device110 sends its message with the hash. Alternatively, the pre-calculation process inlocal node120 may have low priority, which may cause it to proceed slowly. In some embodiments, post-calculation is performed instead of pre-calculation, whereinlocal node120 begins deriving hashes with possible instructions, one by one, responsive to receiving fromdevice110 the message comprising the hash. This way,local node120 may stop deriving the hashes responsive to a determination that one of the hashes derived inlocal node120 matches the one received fromdevice110.

In embodiments where local node performs pre-calculation and/or post-calculation of hashes, anddevice110 needn't include the instruction in the message it sends tolocal node120,device110 may receive an indication that messages it sends tolocal node120 to instructlocal node120 needn't comprise the instruction in addition to the hash. Such an indication may be received fromlocal node120 in connection with establishing the connection betweendevice110 andlocal node120, for example. Alternatively, control software configured to controllocal node120 may know that including separately also the instruction is unnecessary, and that sending the hash suffices.

Whether including the instruction is necessary may depend on the number of possible instructions, in detail in case the number of possibledifferent instructions device110 may send tolocal node120 is high, deriving the hashes on the local node side may be too arduous. Where pre-calculation is done, memory constraints inlocal node120 may limit the possibility to pre-calculate and store hashes. In case of post-calculation, a large number of possible instructions may cause delay between receiving the message fromdevice110 and acting on the instruction, aslocal node120 derives hashes one by one in search of one that matches the one received fromdevice110.

In response to an instruction fromdevice110 where the hash verification succeeds,local node120 may be configured to responsively act on the instruction and to transmit, over the connection, a second message back todevice110. The second message may comprise an acknowledgement and/or result relating to the instruction, and a second random value generated inlocal node120. Alternatively, the second random value may be sent fromlocal node120 todevice110 in an additional message. Shoulddevice110 subsequently send a second instruction tolocal node120, a similar process is used as was used with the instruction of the first message, but the second random value is used when calculating the hash.

The second message, sent fromlocal node120 todevice110, may further comprise a hash derived using as input the secret value and the second random value. Thusdevice110 is enabled to check that the second message originates from a node that is in possession of the secret value. In embodiments with a pin code, the pin code may also be used as input when deriving this hash.

Local node120 may be configured to change the secret value periodically, for example by generating a random value to be used as the new secret value. This increases security as devices seeking control oflocal node120 need to obtain the new secret value over the first channel, and cannot rely on a previously obtained secret value.

By changing the random value after each instruction, replay attacks with old instructions are prevented from succeeding since the hashes in old instruction messages no longer match with the random value in use after the old instruction message has been acted on. By using the secret value only obtainable over the local link, the set of devices that can transmit instructions tolocal node120 is limited to those devices that are physically close enough to obtain the secret value fromlocal node120, over the first channel. For example, in case local node is in a hotel room, an office or other access-controlled location, it may be useful to enable control oflocal node120 by devices that are physically close. Thus no cryptographic protocol needs to be used for the connection betweendevice110 andlocal node120, which saves computational and memory resources indevice110 andlocal node120.

In embodiments that employ the pin code, the changing random value renders pin code guessing attacks significantly slower, as in addition to the pin code, an attacker would need to guess the prevailing random value.

Since obtaining the input data of a hash is difficult by analysing the hash, the hashes may be transmitted betweendevice110 andlocal node120 over a connection that in itself is not encrypted. For example, determining the secret value by eavesdropping on messages exchanged betweendevice110 andlocal node120 would be very difficult owing to mathematical properties of hash functions.

FIG. 2 illustrates an example use case in accordance with at least some embodiments of the present invention. In the figure are illustrateddevice110 andlocal node120, which have been described above in connection withFIG. 1. InFIG. 2,local node120 stores pre-calculated hash values120-A,120-B,120-C,120-D and120-E, each of which is derived using a possible instruction. In other words, there are five possible instructions in the example ofFIG. 2.

On thedevice110 side,device110 derives hash110-D from input data which comprises the secret value110-A, the random value110-B, and finally the instruction110-C thatdevice110 wantslocal device120 to carry out. Once hash110-D has been derived, it is transmitted fromdevice110 tolocal node120.Local node120 then determines whether the hash110-D matches any of the pre-calculated hash values, and if so which one, enablinglocal node120 to determine whichinstruction device110 is instructinglocal node120 to carry out.

FIG. 3 illustrates an example apparatus capable of supporting at least some embodiments of the present invention. Illustrated isdevice300, which may comprise, for example,device110 ofFIG. 1 orFIG. 2. Comprised indevice300 isprocessor310, which may comprise, for example, a single- or multi-core processor wherein a single-core processor comprises one processing core and a multi-core processor comprises more than one processing core.Processor310 may comprise a Qualcomm Snapdragon800 processor, for example.Processor310 may comprise more than one processor. A processing core may comprise, for example, a Cortex-A8 processing core manufactured by Intel Corporation or a Brisbane processing core produced by Advanced Micro Devices Corporation.Processor310 may comprise at least one application-specific integrated circuit, ASIC.Processor310 may comprise at least one field-programmable gate array, FPGA.Processor310 may be means for performing method steps indevice300.Processor310 may be configured, at least in part by computer instructions, to perform actions.

Device300 may comprisememory320.Memory320 may comprise random-access memory and/or permanent memory.Memory320 may comprise at least one RAM chip.Memory320 may comprise magnetic, optical and/or holographic memory, for example.Memory320 may be at least in part accessible toprocessor310.Memory320 may be means for storing information.Memory320 may comprise computer instructions thatprocessor310 is configured to execute. When computer instructions configured to causeprocessor310 to perform certain actions are stored inmemory320, anddevice300 overall is configured to run under the direction ofprocessor310 using computer instructions frommemory320,processor310 and/or its at least one processing core may be considered to be configured to perform said certain actions.

Device300 may comprise atransmitter330.Device300 may comprise areceiver340.Transmitter330 andreceiver340 may be configured to transmit and receive, respectively, information in accordance with at least one cellular or non-cellular standard.Transmitter330 may comprise more than one transmitter.Receiver340 may comprise more than one receiver.Transmitter330 and/orreceiver340 may be configured to operate in accordance with global system for mobile communication, GSM, wideband code division multiple access, WCDMA, long term evolution, LTE, IS-95, wireless local area network, WLAN, Ethernet and/or worldwide interoperability for microwave access, WiMAX, standards, for example.

Device300 may comprise a near-field communication, NFC,transceiver350.NFC transceiver350 may support at least one NFC technology, such as NFC, Bluetooth, Wibree or similar technologies.

Device300 may comprise user interface, UI,360.UI360 may comprise at least one of a display, a keyboard, a touchscreen, a vibrator arranged to signal to a user by causingdevice300 to vibrate, a speaker and a microphone. A user may be able to operatedevice300 viaUI360, for example to accept incoming telephone calls, to originate telephone calls or video calls, to browse the Internet, to manage digital files stored inmemory320 or on a cloud accessible viatransmitter330 andreceiver340, or viaNFC transceiver350, and/or to control a local node such aslocal node120 ofFIG. 1 orFIG. 2.

Device300 may comprise or be arranged to accept auser identity module370.User identity module370 may comprise, for example, a subscriber identity module, SIM, card installable indevice300. Auser identity module370 may comprise information identifying a subscription of a user ofdevice300. Auser identity module370 may comprise cryptographic information usable to verify the identity of a user ofdevice300 and/or to facilitate encryption of communicated information and billing of the user ofdevice300 for communication effected viadevice300.

Processor310 may be furnished with a transmitter arranged to output information fromprocessor310, via electrical leads internal todevice300, to other devices comprised indevice300. Such a transmitter may comprise a serial bus transmitter arranged to, for example, output information via at least one electrical lead tomemory320 for storage therein. Alternatively to a serial bus, the transmitter may comprise a parallel bus transmitter. Likewiseprocessor310 may comprise a receiver arranged to receive information inprocessor310, via electrical leads internal todevice300, from other devices comprised indevice300. Such a receiver may comprise a serial bus receiver arranged to, for example, receive information via at least one electrical lead fromreceiver340 for processing inprocessor310. Alternatively to a serial bus, the receiver may comprise a parallel bus receiver.

Device300 may comprise further devices not illustrated inFIG. 3. For example, wheredevice300 comprises a smartphone, it may comprise at least one digital camera. Somedevices300 may comprise a back-facing camera and a front-facing camera, wherein the back-facing camera may be intended for digital photography and the front-facing camera for video telephony.Device300 may comprise a fingerprint sensor arranged to authenticate, at least in part, a user ofdevice300. In some embodiments,device300 lacks at least one device described above. For example, somedevices300 may lack aNFC transceiver350 and/oruser identity module370.

Processor310,memory320,transmitter330,receiver340,NFC transceiver350,UI360 and/oruser identity module370 may be interconnected by electrical leads internal todevice300 in a multitude of different ways. For example, each of the aforementioned devices may be separately connected to a master bus internal todevice300, to allow for the devices to exchange information. However, as the skilled person will appreciate, this is only one example and depending on the embodiment various ways of interconnecting at least two of the aforementioned devices may be selected without departing from the scope of the present invention.

FIG. 4 illustrates signalling in accordance with at least some embodiments of the present invention. On the vertical axes are disposed, from left to right, server SRV,device110 andlocal node120.Device110 andlocal node120 may correspond essentially to like elements discussed above in connection withFIG. 1 andFIG. 2. Server SRV may essentially correspond to the network node discussed above wheredevice110 may fetch the control software described above. Time advances from top toward the bottom of the figure.

Inphase410,device110 obtains fromlocal device120 information over the first channel. This information may comprise the secret value and an identifier oflocal device120. Optionally, the information may further comprise a pin code and/or an identifier of server SRV.

Inoptional phases420 and430,device110 may request and receive, respectively, control software configured to enable control oflocal node120. The requesting ofphase420 may be based at least in part on the identifier of the server SRV.

Inphase440,device110 andlocal node120 form a connection, such as for example a protocol connection, such as for example a Websocket connection. In connection with the forming of the connection,local node120 provides to device110 a random value. In some embodiments,local node120 transmits in connection withphase440 an indication as to whetherdevice110 needs to transmit an instruction and a hash, or only a hash, when instructinglocal node120.

Inphase450,device110 determines an instruction it desires to send tolocal node120.Device110 derives a hash value based at least in part on the secret value, the random value and the instruction.

Inphase460,device110 transmits, over the connection, a message comprising the hash, and, optionally, the instruction, tolocal node120. In case the number of possible instructions is small enough to enable pre-calculating hashes with all possible instructions on the local node side,device110 may omit the instruction from the message ofphase460.Device110 may also omit the instruction in case it has received an indication to this effect in connection withphase440, as described above.

Inphase470,local node120 verifies the hash received inphase460. In case the message ofphase460 comprises the instruction in addition to the hash,local node120 may derive the hash itself, using at least the secret value, the random value and the instruction, and then compare the received hash to the hash derived inlocal node120. In case the received hash matches with the hash derived inlocal node120, the instruction used in the hash is verified, and acted upon.

Where the message ofphase460 doesn't comprise the instruction,local node120 may compare the hash received inphase460 to hashes derived inlocal node120 with different possible instructions. In case the received hash matches with one of the hashes derived inlocal node120, the instruction used in the derived hash is verified, and acted upon. The hashes derived inlocal node120 may be pre-calculated betweenphase440 andphase460, or they may at least in part be derived after receipt of the message ofphase460.

Inphase480local node120 may transmit a message todevice110 informingdevice110, explicitly or implicitly, that the instruction ofphase460 was carried out, or alternatively that verification of the hash in the message ofphase460 failed. The message ofphase480 may comprise a second random value.

Inphase490,device110 determines to send a second instruction tolocal node120, and derives a hash using the second random value, the secret, and the second instruction. The derived hash is transmitted tolocal node120 inphase4100. The hash is verified inlocal node120 inphase4110, and inphase4120local node120 informsdevice110 concerning acting on the second instruction. The message ofphase4120 may comprise a third random value, for use in a subsequent instruction fromdevice110 tolocal node120.

FIG. 5 is a first flow chart of a first method in accordance with at least some embodiments of the present invention. The phases of the illustrated method may be performed indevice110, or in a control device, such as processor or chipset, configured to at least inpart control device110 when implanted therein.

Phase510 comprises receiving, via a first channel, a secret value and an identifier of a local node and, via a second channel, a random value.Phase520 comprises causing transmission to the local node of a first message comprising a hash value, the hash value being derived based on a set comprising the secret value, the random value, and an instruction. The first message may be conveyed to the local node via the second channel.

FIG. 6 is a second flow chart of a second method in accordance with at least some embodiments of the present invention. The phases of the second method may be performed inlocal node120, or in a control device, such as processor or chipset, configured to at least in part controllocal node120 when implanted therein.

Phase610 comprises storing a secret value associated with an apparatus. The apparatus may comprise an apparatus performing the second method.Phase620 comprises transmitting to a node a random value. Phase630 comprises receiving a message from the node, the message comprising a first hash value. Phase640 comprises verifying the first hash value by deriving a comparative hash value based on a set comprising the secret value, an instruction, and the random value. Phase650 comprises, responsive to the comparative hash value matching the first hash value, causing the apparatus to act on the instruction. Finally,phase660 comprises transmitting to the node a second random value.

It is to be understood that the embodiments of the invention disclosed are not limited to the particular structures, process steps, or materials disclosed herein, but are extended to equivalents thereof as would be recognized by those ordinarily skilled in the relevant arts. It should also be understood that terminology employed herein is used for the purpose of describing particular embodiments only and is not intended to be limiting.

Reference throughout this specification to “one embodiment” or “an embodiment” means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, appearances of the phrases “in one embodiment” or “in an embodiment” in various places throughout this specification are not necessarily all referring to the same embodiment.

As used herein, a plurality of items, structural elements, compositional elements, and/or materials may be presented in a common list for convenience. However, these lists should be construed as though each member of the list is individually identified as a separate and unique member. Thus, no individual member of such list should be construed as a de facto equivalent of any other member of the same list solely based on their presentation in a common group without indications to the contrary. In addition, various embodiments and example of the present invention may be referred to herein along with alternatives for the various components thereof. It is understood that such embodiments, examples, and alternatives are not to be construed as de facto equivalents of one another, but are to be considered as separate and autonomous representations of the present invention.

Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided, such as examples of lengths, widths, shapes, etc., to provide a thorough understanding of embodiments of the invention. One skilled in the relevant art will recognize, however, that the invention can be practiced without one or more of the specific details, or with other methods, components, materials, etc. In other instances, well-known structures, materials, or operations are not shown or described in detail to avoid obscuring aspects of the invention.

While the forgoing examples are illustrative of the principles of the present invention in one or more particular applications, it will be apparent to those of ordinary skill in the art that numerous modifications in form, usage and details of implementation can be made without the exercise of inventive faculty, and without departing from the principles and concepts of the invention. Accordingly, it is not intended that the invention be limited, except as by the claims set forth below.

Claims (16)

The invention claimed is:

1. An apparatus comprising:

at least one receiver configured to receive, via a first channel, a secret value and an identifier of a local node and, via a second channel, a random value, and

at least one processing core configured to cause transmission to the local node of a first message comprising a hash value, the hash value being derived based on a set comprising the secret value, the random value, and an instruction, wherein

a pin code is received over the first channel to derive the hash value based further on the pin code.

2. The apparatus according toclaim 1, wherein the at least one processing core is configured to derive the hash value.

3. The apparatus according toclaim 1, wherein the first channel comprises a Bluetooth channel, a Bluetooth low-energy channel, a near field communication channel, an infra-red channel or a visual pattern recognition channel.

4. The apparatus according toclaim 1, wherein the second channel comprises a websocket channel, a hypertext transport protocol channel, a constrained application protocol channel, extensible messaging and presence protocol, message queue telemetry transport, alljoyn or hypertext transport protocol channel 2.0 channel.

5. The apparatus according toclaim 1, wherein the at least one processing core is configured to cause the first message to be transmitted via the second channel.

6. The apparatus according toclaim 1, wherein the at least one processing core is further configured to cause transmission of a second message to the local node, the second message comprising a second hash value, the second hash value being derived based on a set comprising the secret value, a second random value, and a second instruction, the second random value being received in the apparatus from the local node at least in part as a response to the first message.

7. The apparatus according toclaim 1, wherein the at least one receiver is further configured to receive, via the first channel, an identifier of a network node and the at least one processing core is configured to request, from the network node, control software configured to cause controlling of the local node, wherein the request comprises the identifier of the local node.

8. The apparatus according toclaim 1, wherein the identifier of the local node comprises an internet protocol address of the local node, a fully qualified domain name of the local node or a pointer to a websocket proxy.

9. The apparatus according toclaim 1, wherein the at least one processing core is configured to process, in the apparatus, an indication concerning whether it is necessary to include the instruction in the message.

10. An apparatus comprising at least one processing core and at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to:

store a secret value associated with the apparatus;

transmit to a node a random value;

receive a message from the node, the message comprising a first hash value;

verify the hash value by deriving a comparative hash value based on a set comprising the secret value, an instruction, and the random value, wherein

the secret value is provided to the node over a first channel,

the message from the node is received over a second channel, and

the comparative hash value is derived based at least in part on a pin code provided to the node from the apparatus via the first channel;

responsive to the comparative hash value matching the first hash value, cause the apparatus to act on the instruction; and

transmit to the node a second random value.

11. The apparatus according toclaim 10, wherein the message comprises, in addition to the first hash value, the instruction.

12. The apparatus according toclaim 10, wherein the at least one memory and the computer program code are configured to, with the at least one processing core, cause the apparatus to periodically change the secret value.

13. The apparatus according toclaim 10, wherein the at least one memory and the computer program code are configured to, with the at least one processing core, cause the apparatus to derive, after transmitting the random value to the node, at least two comparative hash values using at least two possible values for the instruction.

14. The apparatus according toclaim 10, wherein the at least one memory and the computer program code are configured to, with the at least one processing core, cause the apparatus to transmit to the node a second random value responsive to receipt of the message.

15. A method, comprising:

storing a secret value associated with an apparatus;

transmitting to a node a random value;

receiving a message from the node, the message comprising a first hash value;

verifying the first hash value by deriving a comparative hash value based on a set comprising the secret value, an instruction, and the random value, wherein

the secret value is provided to the node over a first channel,

the message from the node is received over a second channel, and

the comparative hash value is derived based at least in part on a pin code provided to the node from the apparatus via the first channel;

responsive to the comparative hash value matching the first hash value, causing the apparatus to act on the instruction; and

transmitting to the node a second random value.

16. The method according toclaim 15, further comprising pre-calculating, after transmitting the random value to the node, at least two comparative hash values using at least two possible values for the instruction.

Images